Malpedia Library

Click here to download all references as Bib-File.•

2023-09-01 ⋅ Microsoft ⋅ Microsoft Threat Analysis Center (MTAC)
Russia’s influence networks in Sahel activated after coups

2023-09-01 ⋅ ⋅ AhnLab ⋅ Ye Eun
Malicious LNK that distributes backdoors: RedEyes (ScarCruft)

2023-08-31 ⋅ DataBreaches.net ⋅ Dissent
One month later, Ranhill still hasn’t fully recovered from cyberattack
Desorden Group

2023-08-31 ⋅ AhnLab ⋅ Sanseo
Analysis of Andariel’s New Attack Activities
Andardoor BlackRemote Tiger RAT Volgmer

2023-08-30 ⋅ Forbes ⋅ Thomas Brewster
A Fake Signal App Was Planted On Google Play By China-Linked Hackers

2023-08-30 ⋅ NSFOCUS ⋅ NSFOCUS
APT34 Unleashes New Wave of Phishing Attack with Variant of SideTwist Trojan
SideTwist

2023-08-29 ⋅ Mandiant ⋅ Austin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Michael Raggi
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
GhostEmperor

2023-08-29 ⋅ Google ⋅ Austin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Michael Raggi
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
GhostEmperor UNC4841

2023-08-29 ⋅ KrebsOnSecurity ⋅ Brian Krebs
U.S. Hacks QakBot, Quietly Removes Botnet Infections
QakBot

2023-08-28 ⋅ ⋅ 360 ⋅ 360 Threat Intelligence Center
APT-C-55 (Kimsuky) organization uses Korean domain names for malicious activities

2023-08-28 ⋅ National Coordination Center for Cyber Security
Gamaredon Activity amid Ukraine's Counteroffensive
Pteranodon

2023-08-28 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example.

2023-08-28 ⋅ Juniper ⋅ Paul Kimayong
DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability
DreamBus

2023-08-26 ⋅ BushidoToken Blog ⋅ BushidoToken
Tracking Adversaries: Scattered Spider, the BlackCat affiliate
BlackLotus POORTRY

2023-08-25 ⋅ Github (telekom-security) ⋅ Fabian Marquardt
DarkGate configuration extractor
DarkGate

2023-08-25 ⋅ Github (muha2xmad) ⋅ Muhammad Hasan Ali
Warzone RAT configuration extractor
Ave Maria

2023-08-24 ⋅ ⋅ CYBERWISE ⋅ Ali Rıza Şahinkaya, Sevcan Kazdağ
“Proxy” Based Phishing Attacks Are on the Rise Again

2023-08-24 ⋅ Github (muha2xmad) ⋅ Muhammad Hasan Ali
StealC configuration extractor
Stealc

2023-08-24 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Flax Typhoon using legitimate software to quietly access Taiwanese organizations
Flax Typhoon

2023-08-23 ⋅ Avertium ⋅ Avertium
Unraveling SCATTERED SPIEDER: A Stealthy and Persistent Threat Actor Targeting Telecom Networks